Hub for
Metabolic
Psychiatry
Privacy Policy
1. Purpose and Scope
This privacy policy outlines how we collect, use, and protect your information and the rights that you have under the data protection law. It is designed to comply with the General Data Protection Regulation (GDPR). In this document, we refer to this type of information as “Applicant and Member Data”. This notice also explains how the Hub handles sensitive personal information in relation to diversity, collected as part of “Applicant and Member Data”. In this document we refer to this type of information as ‘Diversity Data’.
1.1 The Hub for Metabolic Psychiatry (referred to as "Hub”, we," "our," or "us") respects your privacy and is committed to protecting your information. This policy explains how we handle data collected during grant and new members applications process. In this Policy, any statements in relation to Applicants and Member Data apply to applications submitted via email or forms via our website. The Hub for Metabolic Psychiatry is hosted by the University of Edinburgh, which acts as the Data Controller for of all the data outlined in this policy.
1.2 Lawful Basis for Data Processing Under GDPR, we process your personal data based on the following lawful bases:
Consent: By submitting your application or data to us, you consent to the processing of your personal data for the purposes outlined in this policy.
Contract: Processing is necessary for the performance of tasks related to the evaluation and administration of project applications.
Legitimate Interests: Processing is required for our legitimate interests in managing and improving our application processes.
2. Information we collect
2.1 You may give us your information in order to subscribe to our mailing list, apply for opportunities, become a Hub member, use our information services or otherwise communicate with us. We may collect the following types of Applicant and Member Data:
Personal Data (name, address, phone number, email address, social media identity)
Professional Data (organisation name, current role, employment history, other expertise information, qualifications, affiliations)
Project-related information (project proposals, budget plan and other supporting documentation)
Diversity Data (age, sex, gender identity, ethnicity, disability and caring responsibilities). With your consent, information relating to various protected characteristics listed in the Equality Act 2010, for diversity monitoring purposes. See Section X below.
Marketing Data (source or platform through which the applicant or new member found information about Hub opportunities)
Any other personal information you may wish to voluntarily share with us, including personal health data.
2.2 We may also collect metadata related to the submission of your application or data, such as the date and time of submission.
2.3 We do not collect any additional information beyond what is explicitly provided in the submitted forms. We do not collect more information than what need to manage and monitor specific activities.
2.4 IP Addresses, Analytics, and Cookies
When you visit our website, we may collect information about your device and browsing activity. This includes your IP address, operating system, and browser type. This data is used for system administration and reporting purposes and is aggregated to provide statistical insights about our visitors’ browsing patterns. It does not identify individual users.
2.4.1 We also use cookies and Google Analytics to enhance your browsing experience and understand how our website is used. A cookie is a small file stored on your device that helps us provide a better and more personalised service. Cookies enable us to:
Estimate the number of visitors and their usage patterns.
Store information about your preferences to customise our website for you.
Speed up your searches and navigation.
Recognise you when you return to the site.
2.4.2 Google Analytics allows us to collect additional data, such as:
The type of browser and device you use.
The pages you visit on our website.
How you arrived at our site (e.g., through a search engine or a referring link).
The actions you take while on our site (e.g., clicks).
2.4.3 If you prefer not to allow cookies, you can adjust your browser settings to refuse them. However, please note that doing so may affect your ability to use certain features of our website. By default, cookies will be set unless you have adjusted your browser settings to block them.
2.4.4 To manage or disable cookies, or to learn more about them, you can visit www.allaboutcookies.org. This resource provides comprehensive guides for a variety of browsers and devices, including how to delete cookies from your machine.
2.4.5 Visitors who wish to opt out of Google Analytics can do so by using the Google Analytics Opt-Out Browser Add-on.
Please note that restricting cookies or opting out of analytics may impact the functionality and performance of our website. We recommend allowing cookies to ensure the best possible user experience.
3. How we collect and use Diversity Data
We are committed to finding ways to improve inclusion in Metabolic Psychiatry research, to identifying and minimising barriers to progression for researchers with diverse characteristics and backgrounds, and to ensuring our work is representative of those we support. The Diversity Data we collect is important for us to monitor our progress against these commitments.
We will collect the following information with your consent:
Age
Sex
Gender Identity
Ethnicity
Disability
Caring Responsibilities
Your responses will be safely stored in compliance with Data Protection Laws. Individual responses will remain confidential and will not be shared. All data will be analysed and presented solely in aggregated and anonymised formats. Aggregated and anonymised diversity data may be published on our website only when the information collected is sufficiently robust to support meaningful conclusions.
The analysis of this data will allow us to compare the Hub against other research initiatives and set meaningful targets, monitor and evaluate our progress against commitments outlined in our Equality, Diversity and Inclusion strategy.
By answering our diversity questions and submitting your answers to us, you consent to the Hub using your Diversity Data. You can withdraw your consent at any time (Please see Section 7). Providing Diversity Data is entirely voluntary. We will not use your Diversity Data during the application review process to make decisions about you.
4. How we use the Data collected
Applicant data will be used to support and process applications, hold meetings, plan and execute events and for other purposes related to the operations of the Hub.
In addition to this, we may also use data collected to:
Communicate with applicants regarding their submissions
To generate reports on our work, services, meetings and events
Maintain records for reporting and auditing purposes
Improve processes
To respond to or fulfil any requests, complaints or queries you make to us
To communicate with the general public and Hub members about the research and researchers we fund
To meet our legal obligations, for instance to perform contracts between you and us, or our obligations to funders, regulators, government and/or law enforcement bodies.
We do not use this data for marketing purposes or share it with third parties unless explicitly required for applications evaluation processes (e.g., involving external reviewers).
5. To Whom your Applicant Data is disclosed
Applicant and Member Data can be disclosed within the Hub or outside the Hub.
Within the Hub: The Hub restricts access to Applicant and Member Data to people within the Hub who have a “need to know” reason for accessing that information. For example, certain individuals within Hub will have access to your Data in order to process, manage or review applications. We may also share your name, research project, host institution and personal contact details with other Hub members and affiliated members, for the purpose of sharing applications information, your research interests and progress and promote a collaborative environment within the Hub and wider Mental Health Platform.
Outside the Hub: We may disclose Applicant and Member Data to third parties in connection with the specific purposes set out in this policy. These third parties may include:
Any joint funders of the research, host institutions or external independent members of our committees who may be part of applications and review processes.
We will reveal the names of awardees, members and other key roles on our website or to third parties, on request. We do not reveal protected characteristics. We will also publish aggregated personal data on groups of people that does not reveal their underlying identities
Data Storage and Security
We are committed to ensuring the security of data collected through different processes at the Hub. Measures in place include:
Secure storage of digital copies of all applications
Access controls to limit data access to authorised personnel only
Encryption or anonymisation of sensitive information where applicable
The Hub upholds the duty of confidentiality and protect data subjects' right to privacy. Confidential data are data not in the public domain, including information that has been given in confidence or agreed to be kept confidential between two parties. This may include information on business, income, health, medical details, and political opinion. Shared Data will be retained only as long as necessary for the purposes outlined in this policy or as required by applicable laws and regulations.
The data provided to the Hub will be held until the end of Hub funding programme and then deleted, unless the Hub is renewed or continued in another form. If that is the case we will email you to remind you that your data is being retained and of your right to have it deleted.
6. Your GDPR Rights
Under GDPR, you have the following rights regarding your personal data:
Access: You can request access to the data we hold about you.
Rectification: You can request corrections to inaccurate or incomplete data.
Erasure: You can request the deletion of your data where it is no longer necessary for the purposes for which it was collected.
Restriction of Processing: You can request that we limit the processing of your data in certain circumstances.
Data Portability: You can request a copy of your data in a structured, commonly used format.
Objection: You can object to the processing of your data where we rely on legitimate interests as the lawful basis.
Withdraw Consent: If processing is based on your consent, (i.e. Diversity Data) in your application, you can withdraw it at any time. We will ensure that your Diversity Data is excluded from future analysis within a reasonable period of you withdrawing your consent. Data that have previously been aggregated cannot be dis-aggregated.
To exercise these rights, please contact us using the details provided below. Please note that some rights may be limited by legal or contractual obligations.
7. Sharing Information with Third Parties
In some cases, we may share your application data with external reviewers or partner organisations involved in the evaluation or funding of projects. Any third parties will be required to adhere to strict confidentiality and data protection standards.
8. International Data Transfers
If your data is transferred outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place, such as standard contractual clauses or other mechanisms approved under GDPR.
9. Changes to This Privacy Policy
We reserve the right to update this policy periodically to reflect changes in our practices or legal requirements. Any updates will be published with an updated effective date. We encourage you to review this policy regularly.
10. Complains or queries
We aim to meet the highest standards when collecting or using personal information. For questions, suggestions or concerns regarding this Privacy Policy and how we manage your Personal Data, or to exercise your rights under GDPR, please contact us at:
Hub for Metabolic Psychiatry
Hub Email: metabolicpsychiatry@ed.ac.uk
Hub website: www.metabolicpsychiatry.com
If you would like to make a complain about our handling of your data, you can also contact the University of Edinburgh Data Protection Officer, via email at dpo@ed.ac.uk or by writing to:
Data Protection Officer
Governance and Strategic Planning
The University of Edinburgh
Old College
Edinburgh
EH8 9YL
About this Privacy Policy: The most recent modification was made on 13.02.2025